On Tue, Aug 01, 2000 at 08:13:24AM -0400, Bryan C.Warnock wrote:
> On Tue, 01 Aug 2000, Matthew Cline wrote:
>
> >
> > I would prefer something like:
> >
> > #! perl -T
> > $ENV{PATH} = untaint( read_config_file() );
> >
> > In other words, either make the 'Taint' and 'Untaint' packages part of the
> > standard distribution, or put them into the core language.
> >
>
> This is (currently) easy to do.
Let me just say that Larry has said in the past that untainting was
deliberatly left difficult to do, on the basis that something which
can have serious effect (ie security) should not be easy to do.
But then I suppose all previous decisions are up for re-deciding
Graham.
- RFC: On-the-fly tainting via $^T Nathan Wiger
- Re: RFC: On-the-fly tainting via $^T Matthew Cline
- Re: RFC: On-the-fly tainting via $^T Bryan C . Warnock
- Re: RFC: On-the-fly tainting via $^T Graham Barr
- Re: RFC: On-the-fly tainting via $^T Simon Cozens
- Re: RFC: On-the-fly tainting via $... John Tobey
- Re: RFC: On-the-fly tainting via $^T Dan Sugalski
- Re: RFC: On-the-fly tainting via $^T Matthew Cline
- Re: RFC: On-the-fly tainting via $^T Dan Sugalski
- Re: RFC: On-the-fly tainting via $^T Nathan Torkington
- Re: RFC: On-the-fly tainting via $^T Chaim Frenkel
- Re: RFC: On-the-fly tainting via $^T Dan Sugalski
- Re: RFC: On-the-fly tainting via $^T Graham Barr
- Re: RFC: On-the-fly tainting via $^T Dan Sugalski
